Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-4835

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2014-4835
Last Modified 20 Jan 2015 12:44:40
Published 17 Jan 2015 06:59:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-4835

Summary

IBM ServerGuide before 9.63, UpdateXpress System Packs Installer (UXSPI) before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file.

Vulnerable Systems

Application

  • Ibm Serverguide 9.60

  • Ibm Toolscenter Suite 9.60

  • Ibm Updatexpress System Packs Installer 9.60


References

XF - ibm-serverguide-cve20144835-sec-bypass(95629)

CONFIRM - http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096777


Last Updated: 27 May 2016 11:07:34